This Week in Technology

New features have made it much harder for mundane cybercrime operations to come up with zero-days or reliable exploits for newly patched Microsoft bugs, reducing the number of vulnerabilities exploited at scale.

Customers who want to take advantage of the benefits of moving the Citrix control plane to the cloud and have Citrix manage the environment as a service from the cloud, all while keeping their critical apps and data securely on HyperFlex in the data center, can deploy everything in a matter of hours with just a few clicks.

With the arrival of powerful smartphones starting with Apple's iPhone in 2007, the explosive growth of cloud computing, and the continuing spread of mobile computing, internet of things devices and other new technologies, Check Point has been facing fast-moving customer demands and technology changes that are helping to define its next moves.

The vulnerability allows malicious containers to overwrite the host and gain root-level code execution on the host machine. The flaw affects runC, an open-source tool for spawning and running containers used by programs such as Docker, Kubernetes, containerd, Podman, and CRI-O.

Now this Android spyware poses as a privacy tool to trick you into downloading

First uncovered in August last year, Triout malware collects vast amounts of information about victims by recording phone calls, monitoring text communications, stealing photos, taking photos, and even collecting GPS information from the device, allowing the user's location to be tracked.

Symantec’s acquisition of-based cybersecurity startup Luminate Security will make it possible to deliver private secure application access, granting user connections only to the specific applications and resources for which they are authorized.

Until today, the only known vulnerabilities impacting SGX enclaves had been side-channel attacks that leaked the data being processed inside an enclave, revealing an app's secrets. But in a research paper published today, security researchers showed that SGX enclaves could be used as a place to hide undetectable malware.

A bug in a developer API allows malicious apps installed on macOS Mojave to gain access to a normally protected folder from where attackers can extract Safari browsing history data. The bug affects all known macOS Mojave versions.

In technical jargon, Dirty Sock is a local privilege escalation flaw that lets hackers create root-level accounts. The actual vulnerability isn't in the Ubuntu operating system itself, but in the Snapd daemon that's included by default with all recent Ubuntu versions, and also with some other Linux distros.

What is a man-in-the-middle attack? How MitM attacks work and how to prevent them

MitM attacks consist of sitting between two communicating parties and either observing or manipulating their traffic. This could be through interfering with legitimate networks or creating fake networks that the attacker controls. Compromised traffic is then stripped of any encryption in order to steal, change or reroute that traffic to the attacker’s destination of choice (such as a phishing log-in site).

Victims are directed to rogue Flash Player update warnings through compromised legitimate websites and malicious advertisements. This means the distribution campaigns are more aggressive and widespread and no longer target just users who are actively looking to download content through BitTorrent sites.

We found EXE files in the wild delivering a malicious payload that overrides Mac’s built-in protection mechanisms such as Gatekeeper. This routine evades Gatekeeper because EXE files are not checked by this software, bypassing the code signature check and verification since the technology only checks native Mac files.